prysm-pulse/shared/gateway/param_handling.go
Radosław Kapka dd0ae1bbef
Move API param handling to separate file (#9101)
Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com>
2021-06-26 18:42:54 +00:00

101 lines
3.1 KiB
Go

package gateway
import (
"encoding/base64"
"net/http"
"strings"
"github.com/gorilla/mux"
"github.com/pkg/errors"
butil "github.com/prysmaticlabs/prysm/shared/bytesutil"
"github.com/wealdtech/go-bytesutil"
)
// HandleURLParameters processes URL parameters, allowing parameterized URLs to be safely and correctly proxied to grpc-gateway.
func HandleURLParameters(url string, req *http.Request, literals []string) ErrorJson {
segments := strings.Split(url, "/")
segmentsLoop:
for i, s := range segments {
// We only care about segments which are parameterized.
if isRequestParam(s) {
// Don't do anything with parameters which should be forwarded literally to gRPC.
for _, l := range literals {
if s == "{"+l+"}" {
continue segmentsLoop
}
}
routeVar := mux.Vars(req)[s[1:len(s)-1]]
bRouteVar := []byte(routeVar)
isHex, err := butil.IsHex(bRouteVar)
if err != nil {
e := errors.Wrapf(err, "could not process URL parameter")
return &DefaultErrorJson{Message: e.Error(), Code: http.StatusInternalServerError}
}
if isHex {
bRouteVar, err = bytesutil.FromHexString(string(bRouteVar))
if err != nil {
e := errors.Wrapf(err, "could not process URL parameter")
return &DefaultErrorJson{Message: e.Error(), Code: http.StatusInternalServerError}
}
}
// Converting hex to base64 may result in a value which malforms the URL.
// We use URLEncoding to safely escape such values.
base64RouteVar := base64.URLEncoding.EncodeToString(bRouteVar)
// Merge segments back into the full URL.
splitPath := strings.Split(req.URL.Path, "/")
splitPath[i] = base64RouteVar
req.URL.Path = strings.Join(splitPath, "/")
}
}
return nil
}
// HandleQueryParameters processes query parameters, allowing them to be safely and correctly proxied to grpc-gateway.
func HandleQueryParameters(req *http.Request, params []QueryParam) ErrorJson {
queryParams := req.URL.Query()
for key, vals := range queryParams {
for _, p := range params {
if key == p.Name {
if p.Hex {
queryParams.Del(key)
for _, v := range vals {
b := []byte(v)
isHex, err := butil.IsHex(b)
if err != nil {
e := errors.Wrapf(err, "could not process query parameter")
return &DefaultErrorJson{Message: e.Error(), Code: http.StatusInternalServerError}
}
if isHex {
b, err = bytesutil.FromHexString(v)
if err != nil {
e := errors.Wrapf(err, "could not process query parameter")
return &DefaultErrorJson{Message: e.Error(), Code: http.StatusInternalServerError}
}
}
queryParams.Add(key, base64.URLEncoding.EncodeToString(b))
}
}
if p.Enum {
queryParams.Del(key)
for _, v := range vals {
// gRPC expects uppercase enum values.
queryParams.Add(key, strings.ToUpper(v))
}
}
}
}
}
req.URL.RawQuery = queryParams.Encode()
return nil
}
// isRequestParam verifies whether the passed string is a request parameter.
// Request parameters are enclosed in { and }.
func isRequestParam(s string) bool {
return len(s) > 2 && s[0] == '{' && s[len(s)-1] == '}'
}